Government Technology

Government Agencies Among Those Hacked in Massive January Botnet Attack



Cyber_Security

February 22, 2010 By

A massive cyber-attack has compromised the information of roughly 75,000 computer systems in at least 2,400 corporations and governments around the world, according to a U.S. security firm.

The Washington Post reported on Feb. 18, that NetWitness, based in Virginia, has found that the Kneber bot is responsible for an infiltration that began in 2008 but was discovered just this past month, almost two years after it was supposed to have begun. Targeted data includes e-mails, credit card transactions and log-in credentials. Kneber is being deemed a botnet, a computer program created by a Trojan designed to infiltrate computers and wreak havoc.

"Botnets themselves aren't new," said Michael Maloof, CTO of TriGeo Network Security. "Most of the spam on the Internet is driven by millions of compromised PCs, but I think what is relatively new is that the botnet herders seem to be targeting high-value corporations and certainly high-value government institutions."

Amit Yoran, CEO of NetWitness, told The Wall Street Journal that Eastern European criminals originated the attack by using computers in China. Neither the Journal nor the Post claims that it had anything to do with government powers in those countries.

"The technology itself is not a big deal, but the risk is," Maloof said. "And I think anyone who's not taking the risk seriously really needs to wake up and smell the coffee here. This falls into this category, really, [of] an advanced persistent threat. There are highly organized individuals out there who have access to sophisticated technology,"

Ten government agencies in the United States were victims in the attack, but the vast majority of those targeted were from the private-sector health and technology areas. Unfortunately neither the public- nor private-sector organizations were able to protect themselves from the breach, perhaps suggesting that the IT community as a whole needs to be more diligent in security.

Jeff Nigriny, president of CertiPath, suggested that IT security professionals need to be as competent in protecting computers systems as doctors and scientists are in protecting the biological world.

"I don't think you would ever see a report in the medical community about one system in the human body shutting down after another," he said. "We have doctors who are trained to find the route cause, whether it's cancer, radiation poisoning or a blood disorder, whatever."

 


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Improving Emergency Response with Digital Communications
Saginaw County, Mich., increases interoperability, communication and collaboration with a digital voice and data network, as well as modern computer-aided dispatch.
Reduce Talk Time in Your Support Center by 40%
As the amount of information available to citizens and employees grows each year, so do customer expectations for efficient service. Contextual Knowledge makes information easy to find, dropping resolution times and skyrocketing satisfaction.
Emerging Technology Adoption in Local Government
In a recent survey conducted by Government Technology, 125 local government leaders shared their challenges, benefits and priorities when adopting emerging technologies such as cloud, mobility and IP. Read how your jurisdiction’s adoption of technology compares to your peers.
View All

Featured Papers